Re: [hybi] DNS SRV for WebSocket

Iñaki Baz Castillo <ibc@aliax.net> Mon, 28 March 2011 10:41 UTC

Date: Mon, 28 Mar 2011 12:43:12 +0200
From: Iñaki Baz Castillo <ibc@aliax.net>
To: "Thomson, Martin" <Martin.Thomson@commscope.com>
Cc: Server-Initiated HTTP <hybi@ietf.org>
Subject: Re: [hybi] DNS SRV for WebSocket

2011/3/28 Thomson, Martin <Martin.Thomson@commscope.com>:
> On 2011-03-28 at 09:55:37, Dave Cridland wrote:
>> They are generally not used for port selection, but to allow the
>> diversion of a service from one name (the domain) to another (the
>> providing host).
>
> Security on that front is a little iffy.  See draft-barnes-hard-problem.

Do you consider this "security issue" a real show-stopper for
supporting SRV records in WebSocket? I don't.

The provider could use subdomains of its root domain as A records into
its SRV record, so the problem doesn't arise.

I don't think the corner case described in draft-barnes-hard-problem
is so important. IMHO it's more important to provide load-balancing
and failover to a new protocol.

-- 
Iñaki Baz Castillo
<ibc@aliax.net>
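
Added example, not part of the original message: a check an operator could run over a domain's SRV answers to confirm that every target stays under the service's own domain, the arrangement the message describes. The domain names and record values are constructed; the comparison is label-wise so that `evilexample.com` is not mistaken for a subdomain of `example.com`.

```python
from typing import NamedTuple


class Srv(NamedTuple):
    priority: int
    weight: int
    port: int
    target: str


def labels(name: str) -> list[str]:
    """Lower-cased DNS labels, without the trailing root dot."""
    return name.rstrip(".").lower().split(".")


def parse_srv(rdata: str) -> Srv:
    """Parse SRV RDATA in presentation form: 'priority weight port target'."""
    prio, weight, port, target = rdata.split()
    return Srv(int(prio), int(weight), int(port), target)


def in_domain(target: str, domain: str) -> bool:
    """True if target equals domain or is a subdomain of it (label-wise)."""
    t, d = labels(target), labels(domain)
    return len(t) >= len(d) and t[-len(d):] == d


def classify(domain: str, rdatas: list[str]):
    """Return (inside, diverted) SRV lists, each in priority order."""
    records = sorted((parse_srv(r) for r in rdatas), key=lambda r: r.priority)
    inside = [r for r in records if in_domain(r.target, domain)]
    diverted = [r for r in records if not in_domain(r.target, domain)]
    return inside, diverted


# Constructed sample answers for a service hosted at example.com.
SAMPLE = [
    "20 0 80 ws-backup.example.com.",   # failover host, same domain
    "10 60 80 ws1.example.com.",        # load-balanced pair, same domain
    "10 40 80 WS2.Example.COM.",        # DNS names compare case-insensitively
    "30 0 80 ws.evilexample.com.",      # string suffix matches, domain does not
    "30 0 80 ws.hosting.example.net.",  # diverted to another name
]

if __name__ == "__main__":
    inside, diverted = classify("example.com", SAMPLE)
    for r in inside:
        print("in-domain", r.priority, r.weight, r.port, r.target)
    for r in diverted:
        print("DIVERTED ", r.priority, r.weight, r.port, r.target)
```
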